From 5f06ede200fb390aafb7831c8c944ddd677be023 Mon Sep 17 00:00:00 2001
From: Eric Biggers <ebiggers@google.com>
Date: Mon, 14 Jan 2019 18:43:25 -0800
Subject: Add support for the Adiantum encryption mode

Add Adiantum support to the fscrypt userspace tool.  Supported in the
kernel since v5.0-rc1, Adiantum is a length-preserving encryption mode
based primarily on XChaCha12.  It is fast even on CPUs without AES
instructions.  Unlike XTS it is also a wide-block encryption mode.
Adiantum is supported for both contents and filenames encryption.

For Adiantum encryption policies, also make the fscrypt tool provide the
new DIRECT_KEY flag, which further improves performance by requesting
that all files be encrypted directly with the policy key.  This takes
advantage of Adiantum's support for long tweaks.

See the kernel commit "fscrypt: add Adiantum support"
(https://git.kernel.org/torvalds/c/8094c3ceb21ad938) for more details.
---
 metadata/metadata.proto | 1 +
 1 file changed, 1 insertion(+)

(limited to 'metadata/metadata.proto')

diff --git a/metadata/metadata.proto b/metadata/metadata.proto
index 5e1b9dd..6fe0ad9 100644
--- a/metadata/metadata.proto
+++ b/metadata/metadata.proto
@@ -72,6 +72,7 @@ message EncryptionOptions {
     AES_256_CTS = 4;
     AES_128_CBC = 5;
     AES_128_CTS = 6;
+    Adiantum = 9;
   }
 
   Mode contents = 2;
-- 
cgit v1.2.3